In terms of looking ahead to the next year or two, in what areas do you see yourselves having to acquire additional skills or resources? Calabrese: Our goal is to target faster delivery of service. I dont think there is a person here with a computer at their disposal who would be able to function through to the end of the day were that computer to be down for any reason.That time to response has to be shrunk, and the only way to do it is to take and apply more intelligent approaches. What about disruptions to IT that are not the result of malice but are just ordinary flakiness in the system? Are you finding that systems are generally more reliable? Calabrese: Again, as a matter of necessity, in part because of the frequent occurrence of patching, weve had to really hammer down the standard compute model. Of course, the downside is, if I send out an update to 2,000 computers, Im just as likely to kill all 2,000. Gunnerson: On the server side, we have more of a feeling of the danger that Frank just talked about: What, if any, of the patches might clobber the applications were running? The real trick on some of this is you run [a patch] and see if things die. Or you say, "Do I really need to do that one, or is the threat low enough that I can wait until the next patch cycle to make it happen?" Benincasa: On workstations, were pretty much deploying patches as they get released. On servers, were normally a little bit behind the curve because our concerns are mostly on the servers. We dont have a big-enough test lab to test every circumstance of every application that were running. So, do you rely to some extent on waiting to see what happens when other people deploy? Benincasa: Yes, and we wait to see if theres information from the news magazines, etc., about a patch being deployed and destroying an application, that type of thing. You also get a fairly good feel, even though youre not running the applications per se on the workstation, when all of a sudden the workstation is failingit kind of gives you a feel of how clean the patch is. Are you spending more time scanning and monitoring? Benincasa: Oh, definitely. Do you think you will continue to spend more time on these tasks, or are tools becoming available that will ease the burden? Benincasa: I think the tools are getting better, but I think the tools will always remain behind the attacks because the attacks are targeting things that no one is thinking about. Were protecting things today, but somebody will attack something in two weeks that nobodys even thought about. I dont know how that will ever be eliminated. I think thats the nature of it. Next page: The problem with legislation.
The minute one computer is down, let alone several computers, we start ticking off lost dollars. So it really is a race.